Rif: Comparison of Web Servers
From: Remo.Cornali@rcs.it
Date: 04/23/03
- Previous message: Stephen Entwisle: "SecurityFocus Article Announcement"
- Next in thread: jdog1016: "Re: Rif: Comparison of Web Servers"
- Reply: jdog1016: "Re: Rif: Comparison of Web Servers"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
To: bsec <bsec@cotse.net> From: Remo.Cornali@rcs.it Date: Wed, 23 Apr 2003 17:52:31 +0200
> comparing web servers from a security perspective?
A well-patched Apache is as secure as you can get.
A well-patched IIS is also as secure as you can get.
Miss just one patch, and your webserver, whatever it is, is unsecure.
There is no such thing as a slightly unsecure webserver,
anymore than there is a being like a slightly pregnant woman.
You may, however, want to consider a webserver's MTBSP
(Mean Time Between Security Patches). ;-))
Keeping up with IIS is a lot more work.
Ciao!
Remo Cornali
---------------------------------------------------------------------------
Attend Black Hat Briefings & Training Europe, May 12-15 in Amsterdam, the
world's premier event for IT and network security experts. The two-day
Training features 6 hand-on courses on May 12-13 taught by professionals.
The two-day Briefings on May 14-15 features 24 top speakers with no vendor
sales pitches. Deadline for the best rates is April 25. Register today to
ensure your place. http://www.securityfocus.com/BlackHat-security-basics
----------------------------------------------------------------------------
- Previous message: Stephen Entwisle: "SecurityFocus Article Announcement"
- Next in thread: jdog1016: "Re: Rif: Comparison of Web Servers"
- Reply: jdog1016: "Re: Rif: Comparison of Web Servers"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
